Authentication & Security in Next.js: Complete Guide

6 articles
Hub + 6 spokes

Series Overview

Master authentication patterns in modern web applications: OAuth 2.1 flows, session management, token refresh, API security, and production-ready implementations across Shopify, MCP servers, and Next.js.

All Articles in Series

How to Add Shopify Authentication to a Headless Storefront Using the Customer Account API
HUB, 1 of 6

A step-by-step guide to secure logins, registrations, and order history with full UX control

Learn how to implement Shopify authentication in a headless storefront using the Customer Account API—covering login, registration, and order history.

25 min read | Jul 20, 2025 | By Matija Žiberna

How to Fetch and Update Customer Data in Shopify Headless with Next.js 15
PART 1, 2 of 6

Securely fetch and update Shopify customer profiles, addresses, and orders using the Customer Account API with OAuth and GraphQL in a type-safe Next.js 15 app.

A complete guide to fetching and updating Shopify customer data in a headless Next.js 15 app using the Customer Account API, GraphQL, and OAuth-based authentication.

7 min read | Aug 8, 2025 | By Matija Žiberna

Build a Secure Email Pipeline in Next.js
PART 2, 3 of 6

Learn how to send secure transactional emails using Brevo without exposing your SMTP credentials.

Discover how to create a secure server-only email pipeline in Next.js that handles forms and sends notifications without risking credentials.

6 min read | Oct 27, 2025 | By Matija Žiberna

Build an IP Intelligence Firewall for Newsletter Signups
PART 3, 4 of 6

Protect Your Newsletter with Advanced IP Filtering Techniques

Learn how to build an IP intelligence firewall to protect your newsletter signups from spam and abuse. Perfect for Next.js developers!

15 min read | Oct 24, 2025 | By Matija Žiberna

OAuth for MCP Server: Complete Guide to Protecting Claude
PART 4, 5 of 6

Implement OAuth 2.1 with Dynamic Client Registration and PKCE to secure your MCP server for Claude clients

Protect your MCP server with OAuth 2.1: step-by-step guide for Claude CLI and Web including Dynamic Client Registration, PKCE, token verification, and common…

13 min read | Dec 7, 2025 | By Matija Žiberna

Persist Google OAuth Refresh Tokens with Next.js & Redis
PART 5, 6 of 6

Step-by-step Next.js guide using Upstash Redis to secure offline Google OAuth refresh tokens and enable background API…

Persist Google OAuth refresh tokens using Next.js and Upstash Redis to preserve refresh_token for offline access — secure background integrations without user…

6 min read | Dec 21, 2025 | By Matija Žiberna

Topics Covered

authentication, OAuth 2.1, security, session management, token refresh, PKCE, Shopify Customer Account API, MCP security, Next.js auth